Canada is Spying on Its Citizens Too

Some servers in a data centre, suckin' up your data. via Flickr user Sean Ellis.
When Glenn Greenwald and Ryan Gallagher worked with the Canadian Broadcasting Corporation (CBC) earlier this year to report that Communications Security Establishment Canada (CSEC) was using free airport WiFi to spy on Canadian travelers (in at least one documented incident), the mainstream media’s interpretation of this news was quietly refuted on an obscure, fascinating blog called Electrospaces, which approaches telecommunications and surveillance from a much more insider-y and technical perspective.

According to the Electospaces report, the media had largely misinterpreted the significance of CSEC’s airport spying program. It’s not surprising either, given the highly complex nature of basically any surveillance or intelligence presentation that has leaked from the treasure chest of Edward Snowden. They’re written to be opaque, and we’re living through an unprecedented time of unintended intelligence industry transparency.

In a post titled “Did CSEC Really Track Canadian Airport Travelers” written on Electrospaces, Peter Koop, the blog’s founder, published a much different interpretation of the leaks by an unnamed reader. The interpreter writes: “CSEC was just running a pilot experiment where they needed a real-world data set to play with. This document does not demonstrate any CSEC interest in the actual identities of Canadians going through this airport, nor in tracking particular individuals in the larger test town of 300,000 people…Technically however, CSEC does not have a legal mandate to do even faux-surveillance of Canadian citizens in Canada. So they could be in some trouble—it could morph into real surveillance at any time—because the document shows Canadian laws don't hold them back.”

The post, if you are interested in unpacking the ramifications of the CSEC leaks, is a must-read. Especially since Ronald Deibert, the founder of the Citizen Lab (a University of Toronto think tank thats mandate is largely to study the intersection between governments and the internet), who the CBC hired to help interpret the CSEC leaks, commented on the post by writing: “As someone who reviewed the un-redacted documents prior to the CBC publication, and who was unhappy with the story's focus on ‘Free WIFI in airports’ which has spread far and wide, I agree entirely with this analysis.”

One of the key elements that the post examines is CSEC’s cooperation with five different corporations to uncover metadata: Quova (a subsidiary of the American telecom giant Neustar), Bell Sympatico, Boingo (a popular airport WiFi provider), and Akamai (a corporate server company whose actual work is much more complex than this parenthetical will allow).

The relationships between agencies like CSEC and the NSA, and public corporations, is largely unreported. We know that companies like Verizon, Google, Yahoo, and Microsoft have all cooperated with the NSA to some degree, but how do those relationships manifest themselves in Canada?

It’s worth considering the extent that Canadian taxpayer dollars filter into Wall Street, via the purchase of American surveillance equipment and services. In the case of the airport WiFi leak, where surveillance tools were apparently tested on Canadian citizens by CSEC, the importance of this question becomes underlined and bolded. Simply put, the government is maneuvering on a slippery slope when they use taxpayer money to purchase metadata collection services from publicly traded corporations, which can apparently assist in mass surveillance operations.

For now, lets focus on Quova, one of CSEC’s corporate partners, whose parent company Neustar has been called “the most important tech company you’ve never heard of,” because of its huge share in the clandestine market of law enforcement data requests. In 2012, cell phone carriers in the United States answered more than 1 million requests for customer information from cell phone carriers, who were forced to turn over “caller locations, text messages and other data for use in investigations.” While similar requests are underreported in Canada, between April 2012 and March 2013 the Canadian Border issued 18,000 requests for customer data that included: “content of voicemails and text messages, websites visited and the rough location of where a cellphone call was made.”

In a post on Neustar’s blog entitled “FAQs About Neustar and Our Assistance to Law Enforcement,” the company addresses a few questions about its cooperation with American authorities. The post explains that Neustar is the central body that helps connect cell phone customers across various carriers and providers. And, in case you’re wondering: “None of Neustar’s wireless carrier clients can, nor does Neustar on their behalf, ‘ping’ or geolocate a handset device at the request of law enforcement.” So, the company can’t track people down in real time. They also state, “we will deny requests for information when the proper documentation is not provided,” so at least the entrance to their vault of customer metadata isn’t a revolving door.

That said, Neustar did not respond to VICE’s requests for comment to discuss its cooperation with Canadian authorities.

Besides the mention of Quova in CSEC’s free airport WiFi document, the company’s name also popped up in documents that outline the highly contentious joint operation conducted by CSEC and the NSA against the Brazilian Ministry of Mines and Energy. That story originally broke through the Guardian, and Quova’s name appeared a few times in the leaked Olympia program presentation, which seemed to outline Five Eyes spying on Brazil. Given the more aggressive nature of the Brazil leaks, at least compared to the airport snooping plot, Quova was seemingly used to provide agents with IP ranges (to specifically locate Brazilian government computers), geo-location data related to IP addresses (to find out where these computers are in the world, exactly), and anonymizers to mask their economic espionage.

VICE contacted Peter Koop, the founder of Electrospaces, to discuss the relationship between Quova, Neustar, and CSEC. Mr. Koop had this to say: “I only have evidence that CSEC is using the Quova-tool, which is part of the Neustar portfolio now. But as Neustar is providing a wide range of internet registry and traffic monitoring services, it's very well possible that CSEC also uses other tools and services provided by this company.”

Very well possible indeed, especially considering the steps Neustar has taken to position itself as the go-to source for surveillance assistance. While it’s hard to say just how embedded Neustar is in the world of Five Eyes surveillance, Neustar’s 2005 purchase of Fiducianet, a company specializing in Communications Assistance for Law Enforcement Act (CALEA) compliance, was a firm step in this direction.

At the time, Neustar’s CEO Jeff Ganek said this of the Fiducianet purchase: “Through Fiducianet, Neustar is well positioned to address the law enforcement compliance needs of communications service providers.” Ganek continued, “Service providers are legally on the hook to solve this problem. Fiducianet has the platform that solves it. They can do it better and more efficiently than the carriers themselves.”

The service providers Ganek was referring to were likely the telecom companies that Neustar works with, which as of writing total roughly 5,700. So basically, while your cell phone provider is gouging you on roaming and excessive data use, Neustar could be gouging them for their services that help the Bell's, Rogers', and Telus' of the world deal with law enforcement requests.

Evidently, Canada depends heavily on American corporations to help move into a surveillance-friendly future. In an NSA document detailing the relationship between the NSA and CSEC, NSA authors note that due to CSEC’s “limited ability to produce cryptographic devices,” CSEC is “a large consumer of U.S. IA (Information Assurance) products.”

Information Assurance products, like Neustar’s NeuSentry portfolio (which warns clients to “prepare for the worst” when it comes to cybercrime) can either be cloud-based infrastructure security tools, hardware products for integration into existing computer networks, or third-party monitoring services. In short, Neustar sells a shitload of products that help governments and companies stay secure on the interwebs. These products and services are likely a big part of operational expenses at agencies like CSEC. Apparently the Americans are well aware that Canada needs to spend a ton of our funny money on their fancy telecom data collection tools, which means Neustar must be doing quite well—thanks to Canada’s thirst for metadata and cybersecurity.

It certainly sounds as if strengthening partnerships with corporations is a mandate across the Five Eyes spy agencies. The five-year SIGINT (signals intelligence) Strategy plan for the NSA discusses at length the need to develop “embedded, deeply interactive engagements” with what are described throughout as internal/external and public/private partners. This desire to “fully leverage internal and external NSA partnerships,” seems to indicate that growing the corporate network of the Five Eyes spy agencies is a priority—meaning the expansive and mysterious CSEC and Neustar relationship is only a small part of the puzzle.

This quest to strengthen the partnerships between surveillance agencies and their various partners also reared its head in the 2009 National Security Telecommunications Advisory Committee (NSTAC) report, which asked President Barack Obama to focus on three main objectives: the integration of federal cyber-security activities “under a single, central organizing governance structure,” collaboration with industry leaders in order to develop a “legal framework to protect the nation’s critical infrastructure,” and lastly, the nurturing of “strong public/private partnership(s).” Based on that third goal, it’s not surprising to hear that current Neustar President, CEO and Board of Directors member Lisa Hook was appointed to NSTAC in June of 2011 by President Obama.

VICE reached out to CSEC for comment on their relationship with Neustar in particular, and other public corporations in general, but they only offered a non-answer. One of the agency’s spokespeople, Ryan Foreman, told us: “CSE cannot comment on its operations or capabilities, and therefore, we are unable to respond to your question.”

Right. Well, moving right along then.

On one hand, it can be considered a good thing that third-party operators like Neustar hold the keys to vaults of metadata that telecommunications leave behind, that they operate as a middle-man between law enforcement agencies (LEA) and the telecom providers that can sometimes struggle with processing LEA requests for information. On the other hand, however, we need to know more about the ways in which these profit-focused enterprises handle all of this information.

In Canada, CSEC’s budget for 2013 was $444 million, and it is reported to total $829 million in 2014. In the United States, the NSA is said to have spent $10.8 billion in 2013—so where does all of this money go?

We know that public corporations like Neustar are active in domestic and international surveillance operations, and also that understanding the nature of these relationships is about as easy as sneezing with your eyes open. But without information on these relationships, we are only left to guess about how the corporate partners of the Five Eyes alliance inform programs and operations and the extent of their profiteering. As noted by Mr. Koop and confirmed by CSEC’s man of few words Ryan Foreman, this information is closely guarded.

If public, corporate partners assist in shady operations at Canadian airports and throughout Brazilian ministries, then are they also assisting the US government when it flies drones over Yemen, where it’s alleged that electronic metadata analysis replaced human intelligence and was used to inform and justify a drone strike that killed 12 members of a wedding party?

It doesn’t take an internet-savvy Sherlock Holmes to see that there’s something off about taxpayer money being funneled into a public corporation that assists in dodgy surveillance operations, that sometimes targets those same taxpayers, and that may piss off friendly nations like Brazil in the process—all while operating in a way that must necessarily benefit shareholders.

Public corporations like Neustar have access to what they call “unique, authoritative datasets,” and aim to position themselves as one-stop shops for LEA’s, while remaining beholden to their shareholders and the pursuit of profit above all. In the arena of espionage assistance, this relationship is concerning to say the least.

How rich are the already-wealthy telecom companies getting by way of Canadian tax dollars? Has that tax money ever been used to pay for assistance in surveillance operations conducted against Canadians? Are public corporations selling potentially unreliable data to LEAs in the name of maximizing profits? If so, is this data used to inform programs, like the drone missions, that result in the wrongful death of innocents?

These are big questions that to date remain unanswered. Follow Patrick McGuire on Twitter.

George Arthur is an independent journalist, this is his first contribution to VICE. He made a Twitter account today.